Route Origin Authorization
$ rpki-client -vvf rpkica.twnic.tw/rpki/TWNICCA/LIRUN/XRPxnLB6zHTOP5A6PcZqqUqozeg.roa
File: XRPxnLB6zHTOP5A6PcZqqUqozeg.roa (raw, json)
Hash identifier: wm4fAwzQAu1HP/3X594C0GXbfX8Qb9f0V3W9EEp94SQ=
Subject key identifier: 5D:13:F1:9C:B0:7A:CC:74:CE:3F:90:3A:3D:C6:6A:A9:4A:A8:CD:E8
Certificate issuer: /CN=D966B55909324180A88A45E1F683CF4D2ED9BCA5
Certificate serial: 16
Authority key identifier: D9:66:B5:59:09:32:41:80:A8:8A:45:E1:F6:83:CF:4D:2E:D9:BC:A5
Authority info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.cer
Subject info access: rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/XRPxnLB6zHTOP5A6PcZqqUqozeg.roa
Signing time: Thu 16 May 2024 12:03:28 +0000
ROA not before: Thu 16 May 2024 12:03:28 +0000
ROA not after: Sat 26 Apr 2025 10:00:55 +0000
asID: 214901
IP address blocks: 157.66.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 May 2024 07:52:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22 (0x16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=D966B55909324180A88A45E1F683CF4D2ED9BCA5
Validity
Not Before: May 16 12:03:28 2024 GMT
Not After : Apr 26 10:00:55 2025 GMT
Subject: CN=5D13F19CB07ACC74CE3F903A3DC66AA94AA8CDE8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:db:42:d7:9e:81:16:11:2f:29:c9:da:43:ea:
28:10:ee:41:49:3c:ed:48:25:86:06:ed:13:41:cd:
08:8f:a7:43:b5:99:d8:24:fa:8e:2b:86:89:e8:38:
08:67:37:09:b0:b7:11:f8:fb:14:3f:b3:b4:e9:d9:
f3:74:07:05:50:90:57:61:1a:0e:ba:88:3c:46:0b:
da:2c:22:6c:67:1e:f0:a6:d3:f4:6e:e7:80:0a:7f:
5b:f2:0b:ed:6c:29:b2:bc:a5:91:b8:07:87:11:1c:
bf:7b:67:35:88:17:74:60:08:55:22:a9:34:fc:91:
19:29:11:10:c0:86:03:34:7a:99:c4:a4:02:18:67:
fb:c8:ec:68:35:2f:81:56:6b:2a:31:c1:7c:ff:8b:
c5:df:f4:18:a3:34:86:48:15:d8:66:5c:6c:da:16:
b9:1f:89:e2:b4:d1:ad:f7:9d:55:be:c1:c8:56:a7:
47:a4:02:c7:82:b2:45:e7:c0:46:1c:7b:fb:7a:a7:
8a:13:45:80:ee:87:8e:40:b2:58:bb:ab:b0:6f:d3:
1c:70:f7:6f:a3:06:b9:c3:86:f3:ac:40:2c:32:15:
e3:ce:63:8e:37:5f:ce:13:c6:7a:ba:1f:26:b0:af:
f6:23:e9:bf:00:ae:af:0b:fa:29:44:99:cc:79:d9:
b4:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:13:F1:9C:B0:7A:CC:74:CE:3F:90:3A:3D:C6:6A:A9:4A:A8:CD:E8
X509v3 Authority Key Identifier:
keyid:D9:66:B5:59:09:32:41:80:A8:8A:45:E1:F6:83:CF:4D:2E:D9:BC:A5
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.crl
Authority Information Access:
CA Issuers - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/2Wa1WQkyQYCoikXh9oPPTS7ZvKU.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpkica.twnic.tw/rpki/TWNICCA/LIRUN/XRPxnLB6zHTOP5A6PcZqqUqozeg.roa
RPKI Notify - URI:https://rrdp.twnic.tw/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
157.66.166.0/24
Signature Algorithm: sha256WithRSAEncryption
27:33:22:63:c2:7a:97:7c:d3:27:15:49:46:a1:3e:97:9a:f4:
c5:b0:91:ec:24:7b:17:1a:f2:1d:d0:b8:91:7e:a3:61:b0:8b:
1a:6b:b1:e6:c1:94:7a:f1:1b:00:a7:7d:e1:fc:3e:1a:a2:c6:
3e:fb:fa:fe:64:86:90:46:cb:18:6b:9c:94:61:cf:f4:9d:04:
56:76:e7:12:52:9c:e5:d3:42:0e:7e:bc:4e:67:7d:1c:08:fb:
7c:a2:0e:1c:ee:0d:a2:9b:d4:55:00:f0:c7:eb:3b:44:69:bb:
58:09:23:1e:60:f0:e3:88:6b:16:af:81:fb:a7:24:db:77:e8:
ab:c3:19:ef:62:68:3c:a6:60:94:e1:d0:67:1b:3f:1f:79:4f:
06:cb:34:a4:26:5f:fb:b9:52:a8:55:49:b8:bd:e4:83:a7:3b:
f7:dc:e0:6a:20:83:2f:fa:61:45:fa:fd:9a:24:a0:48:7d:b4:
7a:a0:7f:da:84:27:2c:a2:02:c7:29:62:69:a5:ec:39:54:de:
43:a7:1a:23:97:2a:1a:01:34:af:12:55:e3:3f:2d:8e:d7:61:
44:f6:2c:84:13:fc:7e:1a:a9:c4:00:b3:e2:92:76:36:d6:5d:
8f:ce:f0:21:90:75:ac:db:de:c7:4f:18:1b:d4:31:b8:ec:5e:
3e:76:71:71
-----BEGIN CERTIFICATE-----
MIIEzzCCA7egAwIBAgIBFjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhEOTY2
QjU1OTA5MzI0MTgwQTg4QTQ1RTFGNjgzQ0Y0RDJFRDlCQ0E1MB4XDTI0MDUxNjEy
MDMyOFoXDTI1MDQyNjEwMDA1NVowMzExMC8GA1UEAxMoNUQxM0YxOUNCMDdBQ0M3
NENFM0Y5MDNBM0RDNjZBQTk0QUE4Q0RFODCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAL3bQteegRYRLynJ2kPqKBDuQUk87UglhgbtE0HNCI+nQ7WZ2CT6
jiuGieg4CGc3CbC3Efj7FD+ztOnZ83QHBVCQV2EaDrqIPEYL2iwibGce8KbT9G7n
gAp/W/IL7WwpsrylkbgHhxEcv3tnNYgXdGAIVSKpNPyRGSkREMCGAzR6mcSkAhhn
+8jsaDUvgVZrKjHBfP+Lxd/0GKM0hkgV2GZcbNoWuR+J4rTRrfedVb7ByFanR6QC
x4KyRefARhx7+3qnihNFgO6HjkCyWLursG/THHD3b6MGucOG86xALDIV485jjjdf
zhPGerofJrCv9iPpvwCurwv6KUSZzHnZtKUCAwEAAaOCAewwggHoMB0GA1UdDgQW
BBRdE/GcsHrMdM4/kDo9xmqpSqjN6DAfBgNVHSMEGDAWgBTZZrVZCTJBgKiKReH2
g89NLtm8pTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFsGA1UdHwRUMFIwUKBO
oEyGSnJzeW5jOi8vcnBraWNhLnR3bmljLnR3L3Jwa2kvVFdOSUNDQS9MSVJVTi8y
V2ExV1FreVFZQ29pa1hoOW9QUFRTN1p2S1UuY3JsMGAGCCsGAQUFBwEBBFQwUjBQ
BggrBgEFBQcwAoZEcnN5bmM6Ly9ycGtpY2EudHduaWMudHcvcnBraS9UV05JQ0NB
LzJXYTFXUWt5UVlDb2lrWGg5b1BQVFM3WnZLVS5jZXIwDgYDVR0PAQH/BAQDAgeA
MIGbBggrBgEFBQcBCwSBjjCBizBWBggrBgEFBQcwC4ZKcnN5bmM6Ly9ycGtpY2Eu
dHduaWMudHcvcnBraS9UV05JQ0NBL0xJUlVOL1hSUHhuTEI2ekhUT1A1QTZQY1px
cVVxb3plZy5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnJkcC50d25pYy50dy9y
cmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACdQqYw
DQYJKoZIhvcNAQELBQADggEBACczImPCepd80ycVSUahPpea9MWwkewkexca8h3Q
uJF+o2GwixprsebBlHrxGwCnfeH8Phqixj77+v5khpBGyxhrnJRhz/SdBFZ25xJS
nOXTQg5+vE5nfRwI+3yiDhzuDaKb1FUA8MfrO0Rpu1gJIx5g8OOIaxavgfunJNt3
6KvDGe9iaDymYJTh0GcbPx95TwbLNKQmX/u5UqhVSbi95IOnO/fc4Goggy/6YUX6
/ZokoEh9tHqgf9qEJyyiAscpYmml7DlU3kOnGiOXKhoBNK8SVeM/LY7XYUT2LIQT
/H4aqcQAs+KSdjbWXY/O8CGQdazb3sdPGBvUMbjsXj52cXE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:04:39 2024 by rpki-client on console-fra.rpki-client.org